﻿// Copyright (c) Brock Allen & Dominick Baier. All rights reserved.
// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.


using IdentityServer4;
using IdentityServer4.Models;
using Microsoft.Extensions.DependencyInjection;
using System.Collections.Generic;

namespace IdentityServer
{
    public static class Config
    {
        public static IEnumerable<IdentityResource> IdentityResources =>
            new IdentityResource[]
            {
                new IdentityResources.OpenId(),
                new IdentityResources.Profile()
            };


        // 定义API范围
        public static IEnumerable<ApiScope> ApiScopes =>
            new List<ApiScope>
            { 
                new ApiScope("api1","My API")
            };

        // 定义客户
        public static IEnumerable<Client> Clients =>
            new List<Client> 
            {
                new Client
                { 
                    ClientId = "client",

                    // no interactive user,use the clientid/secret for authentication
                    AllowedGrantTypes = GrantTypes.ClientCredentials,

                    // secret for authentication
                    ClientSecrets =
                    { 
                        new Secret("secret".Sha256())
                    },

                    // scopes that client has access to
                    AllowedScopes = { "api1" }
                },
                //将MVC客户端添加到IdentityServer配置
                new Client
                { 
                    ClientId = "mvc",
                    ClientSecrets = { new Secret("secret".Sha256())},

                    AllowedGrantTypes = GrantTypes.Code,

                    //登录后跳转
                    RedirectUris = { "http://localhost:5002/signin-oidc"},

                    //登出后跳转
                    PostLogoutRedirectUris = { "http://localhost:5002/signout-callback-oidc"},

                    AllowedScopes = new List<string>
                    { 
                        IdentityServerConstants.StandardScopes.OpenId,
                        IdentityServerConstants.StandardScopes.Profile,
                        "api1"
                    }
                },
                //JavaScript Client
                new Client
                { 
                    ClientId = "js",
                    ClientName = "JavaScript Client",
                    AllowedGrantTypes = GrantTypes.Code,
                    RequireClientSecret = false,

                    RedirectUris = { "http://localhost:5003/callback.html"},
                    PostLogoutRedirectUris = { "http://localhost:5003/index.html"},
                    AllowedCorsOrigins = { "http://localhost:5003"},

                    AllowedScopes=
                    { 
                        IdentityServerConstants.StandardScopes.OpenId,
                        IdentityServerConstants.StandardScopes.Profile,
                        "api1"
                    }
                }
            };
    }
}